Putting server on the internet or not
Scot L. Harris
webid at cfl.rr.com
Thu Dec 15 13:32:48 UTC 2005
On Wed, 2005-12-14 at 23:21, Bruno Wolff III wrote:
> On Wed, Dec 14, 2005 at 13:31:10 -0500,
> "Scot L. Harris" <webid at cfl.rr.com> wrote:
> >
> > For home users one of the cheap Netgear or Linksys routers/firewalls do
> > a good job. If you want to learn more, setting up a separate box as a
> > firewall can be good but you will need to spend more time researching
> > and monitoring such a system than one of the cheap devices mentioned
> > above.
>
> This isn't really necessary. The main advantage of an external firewall
> protecting one server is to limit what server can send out if it gets
> compromised. Typically that isn't a huge risk, and if it is I wouldn't
> trust some cheapo router that could be more vulnerable than the server
> it is supposed to be protecting.
>
> iptables can do a fine job of limiting what services are exposed to the
> outside.
Possibly not necessary. But for the average home user that is trying to
learn web admin and other tasks using a cheap hardware router/firewall
as a first line of protection is probably better, at least initially,
than exposing a system where they are just learning about iptables.
This allows them to ease into it while still being able to get the task
done which they really want to do, server web pages.
And since this appeared to be the OPs first attempt at this it still
seems like a good suggestion.
More information about the fedora-list
mailing list